This content has been marked as final. Show 2 replies
WS-Security can be enabled by checking the "User/Password Required" check-box via "PeopleTools-> Integration Broker-> Integration Setup-> Service Operations". You can grant access to specific Permission Lists by clicking the "Service Operation Security" link. Create a user/role that has access to this permission list and instruct your "third party" to include a wsse security header containing the username and password in the soap message.
I don't know of any provided way to filter requests based on the requesting domain. This can be done through a reverse proxy, apache httpd with mod_rewrite for example.
The PeopleBooks contain a whole chapter on how to set up secure integration between environments:
I've linked the 8.52 version here, so depending on your actual tools version you might have to search for it in the books for your version.
I think there isn't an 'easiest' way when securing webservices properly. My advice would be what Bauke suggested in combination with SSL/TLS encryption. This in combination with certificates prevents any unwanted access.